package com.mask.example.controller;

import com.mask.token.annotation.RequireLogin;
import com.mask.token.annotation.RequirePermission;
import com.mask.token.annotation.RequireRole;
import com.mask.token.common.Result;
import com.mask.token.model.MaskUserDetails;
import com.mask.example.entity.User;
import com.mask.example.service.UserService;
import lombok.RequiredArgsConstructor;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.web.bind.annotation.*;

import java.util.List;

/**
 * 用户控制器示例
 * 展示如何使用权限注解
 *
 * @author mask
 * @since 1.0.0
 */
@RestController
@RequestMapping("/api/users")
@RequiredArgsConstructor
public class UserController {

    private final UserService userService;

    /**
     * 获取当前用户信息 - 需要登录
     */
    @RequireLogin
    @GetMapping("/profile")
    public Result<MaskUserDetails> getProfile() {
        Authentication auth = SecurityContextHolder.getContext().getAuthentication();
        MaskUserDetails userDetails = (MaskUserDetails) auth.getPrincipal();
        return Result.success(userDetails);
    }

    /**
     * 获取所有用户 - 需要ADMIN角色
     */
    @RequireRole("ADMIN")
    @GetMapping
    public Result<List<User>> getAllUsers() {
        List<User> users = userService.findAll();
        return Result.success(users);
    }

    /**
     * 根据ID获取用户 - 需要ADMIN角色
     */
    @RequireRole("ADMIN")
    @GetMapping("/{id}")
    public Result<User> getUserById(@PathVariable Long id) {
        User user = userService.findById(id);
        return Result.success(user);
    }

    /**
     * 创建用户 - 需要ADMIN角色
     */
    @RequireRole("ADMIN")
    @PostMapping
    public Result<User> createUser(@RequestBody User user) {
        User createdUser = userService.save(user);
        return Result.success("用户创建成功", createdUser);
    }

    /**
     * 更新用户 - 需要ADMIN角色
     */
    @RequireRole("ADMIN")
    @PutMapping("/{id}")
    public Result<User> updateUser(@PathVariable Long id, @RequestBody User user) {
        user.setId(id);
        User updatedUser = userService.save(user);
        return Result.success("用户更新成功", updatedUser);
    }

    /**
     * 删除用户 - 需要user:delete权限
     */
    @RequirePermission("user:delete")
    @DeleteMapping("/{id}")
    public Result<Void> deleteUser(@PathVariable Long id) {
        userService.deleteById(id);
        return Result.success("用户删除成功", null);
    }

    /**
     * 批量删除用户 - 需要user:delete权限
     */
    @RequirePermission("user:delete")
    @DeleteMapping("/batch")
    public Result<Void> batchDeleteUsers(@RequestBody List<Long> ids) {
        userService.deleteByIds(ids);
        return Result.success("批量删除成功", null);
    }

    /**
     * 重置用户密码 - 需要ADMIN角色
     */
    @RequireRole("ADMIN")
    @PostMapping("/{id}/reset-password")
    public Result<Void> resetPassword(@PathVariable Long id) {
        userService.resetPassword(id);
        return Result.success("密码重置成功", null);
    }

    /**
     * 启用/禁用用户 - 需要ADMIN角色
     */
    @RequireRole("ADMIN")
    @PostMapping("/{id}/toggle-status")
    public Result<Void> toggleUserStatus(@PathVariable Long id) {
        userService.toggleStatus(id);
        return Result.success("用户状态更新成功", null);
    }
}
